GDPR learning and performance support topics:
- What is personal data
- Why is it so important to protect personal data
- Sensitive personal data
- Examples of what happens when personal data is not protected
- Data subjects and their rights
- What do we mean by data processing
- All the ways in which data is processed
- GDPR principles of data processing with real life examples
- Data processing vs data controlling
- Examples and scenarios of data breaches
- Whose data is it
- Collecting only the necessary data
- The importance of transparency
- What is a SAR and how to recognise it
- What is the right to be forgotten
- The role of a Data Protection Officer
- How and when to report a concern
- Example scenarios which should be reported
- Steps to take when receiving a Subject Access Request (SAR)
- Steps to take when receiving ‘right to be forgotten’ request
- 7 key GDPR principles of data processing
- Data protection by design
- Examples of data protection by design
- Scenario: failing to demonstrate data protection by design
- What does data protection by default mean
- Example and consequences
- Selecting data processors and 3rd party considerations
- Organisational policy development
- Enabling user right to be forgotten
- Reporting data breaches
- Key principles of privacy by design
- Red flags in an organisation’s IT systems
- The importance of public trust
- Personal data as an important commodity to companies
- How to collect personal data
- The rights of users whose data is collected and processed
- Transparency and privacy notice
- Consent and legitimate interest for data collection
- Profiling
- 6 lawful bases for data processing under GDPR
- Dos and don’ts: obtaining consent
- Individual rights
- Special category/sensitive data
- Data processing in recruitment
- Reporting data breaches
- The right to be informed
- The right to data rectification
- The right to access
- Right to be forgotten
- Right to restrict processing
- Consent or other justification
- Data retention
- 6 lawful bases for data processing under GDPR
- What is sensitive personal data?
- Individual rights: are you ready for these requests?